1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

[resolved] win 98 slow to start up

Discussion in 'Virus & Other Malware Removal' started by kingmatt, Sep 23, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. kingmatt

    kingmatt Thread Starter

    Joined:
    Jan 14, 2003
    Messages:
    270
    My brother in law's computer before we installed broadband ran fine. Since then its taking a couple of minutes to start up. I'm not sure if its a hijack problem or if I'm just expecting too much from 64 meg of ram with a p400.
    But as I said, it used to work fine.
    I'd appreciate some advice so I've included a hjt log. He does regularly run adawre and spybot and avg.
    Hope someone can help
    Matt

    Logfile of HijackThis v1.98.2
    Scan saved at 6:28:09 PM, on 9/23/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v5.00 (5.00.2919.6304)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
    C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\EN-AU\MSNAPPAU.EXE
    C:\WINDOWS\RunDLL.exe
    C:\WINDOWS\SYSTEM\CTFMON.EXE
    C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
    C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\DLLHOST.EXE
    D:\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.ninemsn.com.au/0SEDEAT/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portadelaidefc.com.au/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ozemail.com.au:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.1.1;192.168.1.2;<local>
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1001\EN-XU\STMAIN.DLL
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-AU\MSNTB.DLL
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-AU\MSNTB.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\en-au\msnappau.exe"
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Dynalink\Adsl\dslagent.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
    O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Looks like you cut off some of the log, there is some overhead you could remove here from startup but I don't see any malware.
     
  3. kingmatt

    kingmatt Thread Starter

    Joined:
    Jan 14, 2003
    Messages:
    270
    Thanks,
    I'd welcome any suggestions on what to clean out of startup.
    Matt
     
  4. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Use MSCONFIG to disable these:
    MOSEARCH.EXE
    OSA.EXE
    WZQKPICK.EXE
    WildTangent
     
  5. kingmatt

    kingmatt Thread Starter

    Joined:
    Jan 14, 2003
    Messages:
    270
    Okay,
    Tried things. Didn't work. Evenyually computer locked up. Blew hard drive away and reformatted. In process of doing that had some issues and ended up going into hd through dos.
    Dir on windows directory absolutly loaded with temp files. So many rebooted after 2 minutes of watching them scroll through and still they weren't finished.
    Turned hd into slave and hung hd off another computer and looked at windows directory. Lotsa excell temp files. Manure loads of them. No idea why. Figure that was why the comp was a dog to start up.
    I'm a bad child. In process of reloading windows realised that I'd forgotten to install a firewall. Possibly bad oops.
    Don't know if it will help anyone else, but avg, adaware etc didn't identify problem. I still don't know where all those temp files came from. Very weird. Brother in law talking to me again:)
    regards
    Matt
     
  6. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    If you still have tmps on that drive you want to remove open a dos window go to the slave drive, and type del *.tmp /s
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/277125

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice